Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Exemptions to Copyright Law Sought

Security researchers and others are seeking exemptions from the Digital Millennium Copyright Act.

As corporations and musicians continue to flex their muscles under the Digital Millennium Copyright Act, security researchers, academics and private citizens are petitioning the federal government to grant key exceptions to the controversial law.

At the invitation of the U.S. Copyright Office at the Library of Congress, dozens of people submitted comments last fall on a portion of the DMCA that prohibits circumvention of copyright protection for access control technologies. Although the suggestions for exemptions are wide-ranging, several high-profile security experts said that without relief from the DMCA, they will be unable to continue their work, allowing crackers and other criminals to gain the upper hand.

Some are asking for an exemption for research on musical and audiovisual works, as well as software programs and databases that are protected by access control mechanisms containing flaws and vulnerabilities.

"The costs of prohibiting circumvention of the proposed exempt class of works are enormous," said Shaw Hernan, a senior member of the technical staff at the CERT Coordination Center, in Pittsburgh. "The failure to be able to test, and subsequently remediate, security flaws in software and databases is estimated to cost the American economy significant dollar amounts per year."

Further reading

Those costs would come from crackers using unknown flaws to access programs and databases, repairs to damaged networks, and lost revenue in the industry from customers who dont buy products out of concerns over poor security, Hernan said.

Those sentiments were echoed by Edward Felten, an associate professor of computer science at Princeton University, in Princeton, N.J., and co-author of a paper detailing his teams successful crack of four digital watermarking technologies developed for the Secure Digital Music Initiative. The paper, released in August 2001, led to a widely publicized lawsuit by the Recording Industry Association of America to stop publication.

Felten writes that the DMCAs prohibitions are preventing legitimate researchers from advancing the state of the art in access control technologies, while doing nothing to prevent crackers from continuing their activities. "Todays state of the art does not provide the desired level of protection for copyrighted content, so future research is needed," Felten writes. "Without an exemption for legitimate research, much of the needed research will not occur."

The Librarian of Congress will consider all the comments, as well as responses to those comments, which are due by Feb. 19. No date for a decision on any exemptions has been announced.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.